CVE-2023-34204

Name of the Vulnerable Software and Affected Versions imapsync versions through 2.229

Description The issue concerns the use of predictable paths under /tmp and /var/tmp in the default mode of operation. Since these paths are typically world-writable, an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it.

Recommendations For versions through 2.229, consider changing the default temporary directories to a more secure location that is not world-writable, or apply specific permissions to restrict access to these directories until a patch is available.